Tag Archives: data breach

Is Google Big Brother-ing You?

By Tracey Dowdy

Did you know that everything you do while you’re signed in to your Google account – and even some things you do when you’re logged off are part of your Google profile? 

That doesn’t just include your Google searches, it includes every song you listen to, Twitter rabbit hole you fall into, cooking video you watch, and even whether you’re using an Android or iOS smartphone. Perhaps even more concerning, Google Maps tracks you wherever you go, remembers the route you take, when you arrive and what time you leave, even if you don’t open the app. 

With everyone from Facebook to Dunkin Donuts admitting they’ve fallen victim to data breaches, Google announced they had created a privacy hub that allows users to access, delete, and limit the data Google can collect from you. The downside is that navigating all the terms and conditions, sorting through what you need and don’t need, and deciding if the features you’ve turned off leave you vulnerable, can be confusing, to say the least. 

These tips will help you sort through the jargon and limit what – and with whom – you’re sharing information.

The first step is to find out what information you consider private GooglTracey Dowdy is a freelance writer based just outside Washington DC. After years working for non-profits and charities, she now freelances, edits and researches on subjects ranging from family and education to history and trends in technology. Follow Tracey on Twitter.e considers public. 

To see what Google is sharing about you: 

CNET suggests that if your goal is “to exert more control over your data but you still want Google services like search and maps to personalize your results, we recommend setting your data to autodelete after three months. Otherwise, feel free to delete all your data and set Google to stop tracking you. For most of the day-to-day things you do with Google, you won’t even notice the difference.”

  • Open a browser window and navigate to your Google Account page.
  • Enter your username
  • From the menu bar, select Personal info and review the information. At this point, you can change or delete your photo, name, birthday, gender, password, and any other email addresses and the phone number connected to your account. 
  • If you’d like to see what of your information is public, scroll to the bottom and select Go to About me. From here you can edit and delete, though there’s no way to make your account private. 

To review Google’s record of your online activity:

  • Sign in to your Google Account and choose Data & Personalization from the navigation bar.
  • Scroll to Activity Controls and select Web & App Activity to see a list of all your activities that Google has logged.
  • If you want Google to stop tracking your web and image searches, browser history, map searches and directions, and interactions with Google Assistant, uncheck both boxes. Otherwise, move on to the next step.
  • Next, click Manage Activity. This page displays all the information Google has collected on you from the activities mentioned in the previous step, dating back to when created your account.
  • You can set Google to automatically delete this kind of data either every three or every 18 months by selecting “Choose to delete automatically” and choose your timeframe. 
  • You can opt to delete part of all of your activity history manually. On the activity bar, go to Delete activity and choose either Last hour, Last day, All-time or set a Custom range.
  • Once you choose an autodelete setting or manually select which data you want to be deleted, a popup will appear and ask you to confirm.
  • To make sure your new settings are saved, go to Manage Activity and make sure whatever’s there (remember, if you deleted it all there shouldn’t be anything there) only goes back the three or 18 months depending on what timeframe you selected in step 5.

Access Google’s record of your location history

  • Sign in to your Google Account and choose Data & Personalization from the navigation bar.
  • Scroll to Activity controls and select Location History to see a list of all your location data that Google has logged.
  • If you want Google to stop tracking your location, toggle off.
  • Next, click Manage Activity. This page displays all the location information Google has collected on you as a timeline and a map, including places you’ve visited, the route you took there and back, as well as frequency and dates of visits.
  • To permanently delete all location history, click on the trash can icon and choose Delete Location History when prompted.
  • If you want to be sure your location data disappeared, start over with Activity Controls in step 2, then after Manage Activity in set 4 make sure the timeline in the upper left corner is empty and there are no dots on the map indicating your previous locations.

Manage your YouTube search and watch history

Again, CNET recommends setting YouTube “to purge your data every three months. That’s just long enough that YouTube’s recommendations will stay fresh, but doesn’t leave a years-long trail of personal data lingering behind.”

 

  • 1. Sign in to your Google Account and choose Data & Personalization from the navigation bar.

 

  • Scroll to Activity controls and select YouTube History to see a list of all your location data that Google has logged.
  • If you want Google to stop tracking your YouTube search and viewing history completely, turn off the toggle on this page.
  • Next, click Manage Activity – a comprehensive list of every search you’ve ever made and every video you’ve ever watched 
  • To set Google to automatically delete your YouTube data either every three or every 18 months, select “Choose to delete automatically” and select your timeframe.
  • To delete part or all of your activity history, on the navigation bar choose “Delete activity by” and choose either “Last hour,” “Last Day,” “All time” or “Custom range.”
  • Once you choose which data to delete, a popup will appear and ask you to confirm. 
  • To make sure your YouTube data is gone, start over with Activity Controls in step 2, then after Manage Activity in step 4 make sure whatever’s there (remember, if you deleted it all there should be nothing) only goes back the three or 18 months you selected in step 5.

Tracey Dowdy is a freelance writer based just outside Washington DC. After years working for non-profits and charities, she now freelances, edits and researches on subjects ranging from family and education to history and trends in technology. Follow Tracey on Twitter.

 

 

Mommy vs. Nana – The Fight Over the Right to Post a Child’s Image

By Tracey Dowdy

I recently polled parents on my Facebook page, asking, “If you’ve chosen not to share pictures of your kids, how do you broach the subject with grandparents or others who don’t respect your rules and post their photo anyway? Also, what is your primary reason for not sharing their photo? Privacy? The child’s right to curate their own social media?” As I expected, some of the responses were adamant about privacy, others were less concerned, and some were just funny, like the dad who responded with a meme that said, “I told my mom that she was invading my privacy and she said I came out of her privacy.”

It’s a question more, and more parents are asking as our online privacy and personal information continue to be compromised. Platforms who swore our data was safe – I’m looking at you Facebook – have been exposed as vulnerable to breaches. If even Pentagon computers can get hacked, how secure are the rest of us, the ones who tick the box saying we’ve read the Terms and Conditions but never have?

For years, privacy experts have been warning us about the risks of exposing your personal life online, and parents are beginning to listen. Years ago when mommy-blogging was at its peak, and Facebook was taking off, personal information like the first day of school pictures included the name of the child’s school or geotags with the family vacation resort tagged were common. Contrast that with parents today who are choosing to keep those details limited to private groups of close friends and family or offline completely.

Part of the problem seems to be generational. While Baby Boomers didn’t grow up with today’s tech ubiquity, they have embraced it as passionately as younger generations. According to Pew Research, 90%+ of adults over 60 own a computer or laptop, 70% have a smartphone, and 40% have a tablet. Boomers also represent 1/3 of all online and social media users. Boomers are especially fond of Facebook, with 65% saying it’s their preferred social media network.

That love for Facebook, coupled with their love for their grandchildren is at the heart of growing tension between young parents and their own parents. The biggest threat to your family’s cyber-security may not be Russian hackers – it’s Nana.

 Lena, one of the moms who responded to my poll, posted a screenshot and captioned it, “Family member currently with a pic of my baby as their profile pic.” The photo had been published without Lena’s consent.

Another respondent, Sophia,* has a private Facebook group for her newborn. Under a recent photo of the child, a relative asked how she could share the pictures as there’s no “Share” button under the post. When Sophia explained they prefer to keep the images limited to close family and friends, the family member objected. Sophia once again respectfully explained her position and included a link to the story of an American teen who discovered a photo of her had used in a Virgin Mobile Australia campaign without her consent. The family member countered with “these things happen… but why should that stop the joy of our friends and family from seeing our offspring… I respect your decision but had to voice my opinion.”

Several respondents sent private messages lamenting their parent’s refusal to accept their choice to limit their child’s online presence. “My mom constantly tags herself in my photos. I don’t know a lot of her friends and even worse, her profile is set to “public” so who even knows who is seeing those pictures of my kids?”

That’s an important question. One of the respondents to the poll cautioned, “I don’t share pictures of any of my 19 nieces/nephews, or any other children. I have only accepted if adults share pictures on my timeline; and only after I have reviewed them or if they give me direct consent. I work in law enforcement and am aware of more than I would like to know about pedophilia; personal identity theft; and the like.”

It’s a global issue leading some countries such as France to implement much more stringent privacy laws than here in America. French parents have been warned to stop posting pictures of their children on social media platforms or face the possibility of being sued for violating the child’s right to privacy or jeopardizing their personal security. The penalties are as harsh as one year in prison and a fine of €45,000 ($50,000) if convicted of publicizing the intimate details of the private lives of others —including their children – without their expressed consent.

Here in the US, the likelihood of such a suit succeeding is unlikely. There’s no legal precedent or laws concerning oversharing, and parents could claim the suit is a violation of their First Amendment rights.  There’s also the parent-child immunity doctrine — the legal notion that a child cannot bring legal action against his or her parents for torts, or civil wrongs, parents inflict while the child is a minor.

Parenting coach Ray FitzGerald recommends following the three P rules of posting. “There’s privacy (“Make sure your privacy settings aren’t public. Treat your child’s private images like your Social Security number and don’t hand it out like digital candy”); perception (“If you wouldn’t want a similar picture of yourself shared, then you likely shouldn’t share one of your child”); and permission (a rule he admits mostly applies to older kids).”

*Name changed by request for privacy purposes

Tracey Dowdy is a freelance writer based just outside Washington DC. After years working for non-profits and charities, she now freelances, edits and researches on subjects ranging from family and education to history and trends in technology. Follow Tracey on Twitter.

What you should do about the Target data breach

Target today provided an update on the customer information data breach that was first disclosed last month. Instead of the 40 million individuals that were originally thought to be impacted by the breach, the number has now reached 70 million and is still climbing, with stolen information including names, mailing addresses, phone numbers, and e-mail addresses.

The company stressed that this latest discovery was not the result of a new breach but rather was uncovered as part of the ongoing investigation into the original data theft. The unauthorized access took place between November 27th and December 15th, 2013 and potentially impacted every customer who used a payment card at any of the 1,800 U.S.-based Target stores during that timeframe.

As part of the latest announcement, Target again stressed that customers will not be responsible for fraudulent charges, although that offers little comfort to the millions of individuals who now realize they have been exposed to wholesale identity theft as well as credit and debit card fraud.

So if you are a Target customer, what should you do to protect yourself? Well, there are a few simple steps you can take and some that are a little more complicated. Here’s a quick run through of the recommended actions:

Check your statements

The first step is to thoroughly check your bank and credit card statements to make sure you haven’t already been subjected to fraudulent activity. As The New York Times reported, there was a ten- to twentyfold increase in the number of high-value stolen payment cards on black market web sites immediately following the Target data breach. While Target released a statement on December 20th saying it was aware of only a few incidents of unlawful activity, criminals will often wait until the early security scare has died down before initiating those first fraudulent transactions.

Cancel your card

This is a hard thing to do – it can be a huge inconvenience – but it’s a very important step in protecting both your credit and your identity. As suggested above, it’s easy to get a false sense of security when those fraudulent charges don’t show up in the first couple of weeks but that’s what the bad guys are relying on.

If you replace your card, go back over your credit or debit card statements for the last 12 months and make a note of all the automatic monthly payments and direct debits. They can include anything from Netflix fees to your iTunes account to domain name registrations. I replaced a commonly used credit card early last year and I am still getting notices from various service providers about declined charges.

Even though it’s an inconvenience, replacing the impacted payment card is the right thing to do. The data on that card has been compromised and it’s all too easy for that information to fall into the wrong hands.

Check your credit reports

If you don’t already check your credit reports, then this is the perfect opportunity to start doing so. Although you can request a free credit report from the three main credit bureaus, Equifax, Experian and TransUnion, this will only give you a once-a-year snapshot of your credit picture. If you’re at risk from the Target data breach, it would be better to engage a credit monitoring service, which will automatically notify you of any change to your credit status, however minor.

In fact, as part of its response to the data breach, Target is offering customers free credit monitoring and identity theft protection. Although details of the plan have yet to be released, the service will include complimentary credit reports, daily credit monitoring, identity theft insurance, and access to personalized assistance. While some customers might balk at the thought of handing over social security numbers and additional personal information to a company that was the target of one of the biggest ever data thefts, it is definitely something worth considering.

In summary, close monitoring of all your financial transactions and credit history is the key to coming out of this unscathed, and doing nothing is the worst possible option. Not surprisingly, Target is heavily engaged in damage control right now and you should be doing the same.